Acquired from Tablus in 2007, the RSA Data Loss Prevention (DLP) Suite (formerly the Tablus Content Loss Prevention Suite) is a multi-component platform that enables the Enterprise to both identify potentially sensitive corporate data and enforce centrally defined policies pertaining to that data, including remediation actions such as moving or quarantining the data or enforcement actions such as blocking the transmission of the data in E-mail communications or preventing it from being copied to a USB drive. The suite consists of three main components: RSA DLP Datacenter, RSA DLP Network, and RSA DLP Endpoint.

The RSA DLP Datacenter component (Windows 2000 Server/Server 2003) is targeted to server farms and data centers, and provides the ability to periodically (and incrementally) scan resources (including file shares, SAN/NAS storage, DBs, CMSs, etc.) for the existence of sensitive data, with policy-based remediation actions (including quarantine, delete, or move the data) automatically applied. Sensitive data is identified via detection algorithms that analyze keywords and patterns as well as their contextual placement, with provided pre-built detection templates offered for the identification of data related to regulatory requirements such as PCI, PII, HIPAA, GLBA, and SOX. Support is also provided for the customization of detection rules. Other features include centralized management and policy definition (more below), as well as workflow-enabled incident tracking, and alerting (E-mail, RSS, IM) to appropriate individuals.

RSA DLP Network is a network-based appliance that passively examines network traffic in real-time for the existence of sensitive data, applying policy-based enforcement actions (block, encrypt, quarantine) in response to discovered violations. E-mail, IM, FTP, HTTP/HTTPS, P2P, or "any generic TCP protocols" are listed as supported, with data identification (including pre-built templates and customization capabilities), and incident tracking/alerting features mirroring those of the DLP Datacenter component.

Finally, the DLP Endpoint Component offers somewhat of a combination of the Datacenter and Network components (including their policy-based detection features), but targeted to usage on actual endpoint machines. The Endpoint component itself includes a Discover tool (Windows 2000/XP/2003/Vista) that can scan a desktop/laptop for the existence of sensitive data, as well as an Enforce tool (Windows 2000/XP/2003) that can monitor that data's usage (such as copying from the laptop to a USB drive) and enforce centrally defined policies.

Tying all these products together will be the vendor's upcoming (part of the impending new release) RSA DLP Enterprise Manager, a centralized management console that provides policy management and definition tools (defined policies are then pushed to the Datacenter, Network, and Endpoint components) as well as workflow, reporting, and general administration features. The Enterprise Manager ships as an appliance with a Web-based interface.

The new version of the RSA DLP Suite is expected to be available in May, 2008. Pricing starts at approximately $50,000 for limited deployments of a particular product module and scales up for Enterprise-wide deployments of the full product suite.

Contact RSA for further information.

product submission by EITPlanet Staff

E-Mail this page to a colleague
send info about RSA Data Loss Prevention (DLP) Suite

Suggest a link
for the RSA Data Loss Prevention (DLP) Suite fact sheet